Fraud Alert - Russian Hackers Target Signal and WhatsApp Accounts

What Happened

The FBI and CISA have issued a Public Service Announcement (PSA) regarding a widespread phishing campaign linked to Russian hackers. This campaign targets users of popular messaging apps, specifically Signal and WhatsApp. The attackers are using social engineering tactics to gain access to accounts rather than attempting to break the apps' end-to-end encryption. This method allows them to eavesdrop on conversations without needing to compromise the encryption itself.

Earlier warnings from European intelligence agencies highlighted that these hackers approached high-value targets, including government officials and journalists, posing as support representatives. The current campaign appears to have expanded significantly, affecting thousands of accounts globally. This alarming trend underscores that the techniques used can easily be replicated by other cybercriminals, putting even everyday users at risk.

Who's Being Targeted

The primary targets of this campaign include current and former US government officials, military personnel, political figures, and journalists. However, the techniques employed are not limited to these high-profile individuals. The scalability of these tactics means that any messaging app user could fall victim. As the FBI and CISA noted, the potential for widespread impact is significant, as these phishing methods can easily be adapted for use against businesses and the general public.

Signs of Infection

Recognizing the signs of a phishing attack is crucial. Users should be cautious of unsolicited messages claiming to be from app support, especially if they ask for sensitive information like verification codes or passwords. Legitimate support channels will not request this information through chat messages. If you receive such a message, it’s wise to verify the request through official channels rather than clicking on any links provided.

Additionally, if you notice unusual activity in your messaging apps, such as messages sent without your knowledge or contacts receiving strange messages from you, these could be signs that your account has been compromised. It’s essential to act quickly to mitigate any potential damage.

How to Protect Yourself

To safeguard your messaging accounts, follow these essential security measures:

• Be skeptical of unsolicited messages: Treat messages from app support as suspicious. Always verify through official channels.
• Never share sensitive information: Avoid sharing SMS verification codes or app PINs, as this can give attackers access to your accounts.
• Utilize app security features: Enable features like registration locks and device-change alerts to add extra layers of security.
• Be cautious in conversations: Even with encryption, be mindful of discussing sensitive topics on commercial chat apps.

If you suspect your account has been hijacked, act immediately by trying to re-register your number in the app, revoking linked devices, and informing your contacts. Reporting the incident to the app provider and relevant authorities can also help mitigate risks. The sooner you act, the less chance attackers have to exploit your account.